Kaspersky named leader in 2025 SPARK Matrix for cyber threat intelligence
The SPARK Matrix report highlights Kaspersky's ability to deliver comprehensive services that support organisations globally in detecting, attributing, and responding to complex cyber threats. According to QKS Group, Kaspersky's threat intelligence offering is backed by extensive cybersecurity experience and a research team acknowledged internationally for its work.
Kaspersky's Threat Intelligence services provide real-time access to an extensive collection of threat data, advanced persistent threat (APT) insights, malware analysis, and digital risk intelligence. The company reports that it tracks more than 1,100 cyber threat actors and campaigns worldwide and produces upwards of 200 threat intelligence reports each year.
The continual research effort by Kaspersky supports a large-scale APT collection containing over 100,000 files, augmented by the use of advanced automated tools. This combination helps the company deliver a high degree of attribution accuracy for threat actor identification and campaign analysis, which is crucial for managed security service providers (MSSPs) and large enterprises seeking robust cyber defence capabilities.
Kaspersky was acknowledged for its position in both technological leadership and customer impact among vendors assessed globally by QKS Group. This recognition highlights the company's contribution to the evolving field of cyber threat intelligence and its practical value to a range of organisations facing security challenges.
Alexander Liskin, Head of Threat Research at Kaspersky, said, "We are honored to be recognised as a Leader in the 2025 SPARK MatrixTM for Digital Threat Intelligence Management by QKS Group. This acknowledgment reflects our long-standing commitment to providing deep, actionable threat intelligence that helps organisations stay ahead of ever-evolving cyber threats. We will continue to innovate and empower our customers and partners with the tools they need to protect their digital environments with confidence."
The SPARK Matrix report also points to recent enhancements in Kaspersky's offerings. QKS Group Analyst Arpita Dash commented, "Kaspersky continues to differentiate itself in the threat intelligence space with its rich and meaningful context, deep expertise in malware detection and APT research, and a vast collection of malware and clean files for precise attribution. Its latest advancements, including the Digital Footprint Intelligence Dashboard and enhanced multitenancy capabilities, significantly improve usability for MSSPs and enterprises."
"The introduction of a Tenant Center dashboard further streamlines threat monitoring and asset management. With AI localisation for Threat Intelligence Reporting and an interactive mode for the Research Sandbox on the roadmap, Kaspersky reinforces its commitment to driving innovation in cyber threat intelligence."
Organisations utilising Kaspersky's intelligence solutions gain access to resources that aim to improve their ability to respond to cyber incidents and manage digital risk. Features such as the Digital Footprint Intelligence Dashboard are designed to help enterprises monitor and understand their exposure, while multitenancy capabilities cater to the requirements of organisations managing security for multiple clients or subsidiaries.
The roadmap for Kaspersky's threat intelligence services includes further enhancements such as artificial intelligence-based localisation for threat intelligence reports and interactive improvements to its research sandbox tools. These developments are intended to broaden the accessibility and effectiveness of Kaspersky's offerings for a diverse global user base.
Kaspersky's recognition in the 2025 SPARK Matrix assessment by QKS Group reflects industry acknowledgment of its commitment to providing customers with contextual and actionable threat intelligence, supporting a broad spectrum of defence strategies against modern cyber risks.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
01-07-2025
- Techday NZ
Exclusive: Qualys' Sam Salehi explains why ANZ firms are turning to risk platforms
Cybersecurity is changing fast - and Australian and New Zealand businesses are struggling to keep up. According to Sam Salehi, Managing Director of Qualys for Australia and New Zealand, the region is facing a combination of a skills crisis, evolving threat landscape and rising customer expectations. Salehi has led the ANZ arm of the cybersecurity company for just over a year. His number one focus is supporting customers while growing his team and expanding services through partners. "In the next 12 months, we will continue to develop our managed risk operation centre (mROC) services in partnership with MSSPs," he said. "I'll also focus on hiring more people and expanding the team in the ANZ region." However, talent is hard to come by. "My take on it is cybersecurity moves really fast," he said. "We haven't paid enough attention to educating the younger generation to enter this field. Also, many people are coming from other industries, which means it takes longer to upskill." He referenced a global estimate predicting over three million cybersecurity jobs will be vacant in 2025. While that figure is staggering, Salehi said it highlights the importance of building an ecosystem of partners and investing in automation. That thinking has led Qualys to embrace a "channel-first" strategy in ANZ. "My team is around seven people, so shifting to channel-first helps us expand market reach and accelerate growth," he said. "We now have more than 80 active partners in this region." The company also created a new role - channel account manager - to support those partners and ensure they're equipped to help customers. It's part of a wider effort to raise awareness of what Qualys actually offers. "Though we are a household brand when it comes to vulnerability management, we do 20 different things that people don't know about," Salehi said. "That really shocked me." He added that many customers still assume Qualys is only a VMDR vendor. "When I tell them we play in API security, AI, patching - they're surprised," he said. "Some of them ask, 'Since when are you doing this?' And I say, 'It's been five years.'" Salehi believes part of the issue lies in how the company traditionally went to market, and hopes the channel-first model will broaden its reach and change perceptions. That ties into another growing trend he sees: platformisation. "Companies are now looking for best of platforms, not best of breed," he said. "Instead of having ten vendors, they want to narrow it down to three and get better outcomes." Cloud security and remediation are also top requests from customers, alongside automation tools that help lean teams do more with less. To support that, Qualys recently launched TruRisk Eliminate - a platform offering patching, mitigation and isolation from a single console. It's aimed at overwhelmed security teams who need more efficient ways to reduce exposure. "There are ready-made playbooks so your team doesn't have to spend hours researching how to fix something," Salehi explained. "The isolation feature is also granular - you can lock a server to run just a few specific applications." Another recent addition is Policy Audit, an enhancement to the company's existing compliance tools. "This drastically cuts manual audit preparation time," he said. "It helps organisations stay audit-ready, especially with increasing regulations like the SOCI Act and mandatory data breach notifications." Qualys has also leaned into education and community building. Over the past year, Salehi and his team delivered 20 risk quantification workshops across ANZ, led by US-based expert Richard Seiersen. "When you give back to your community and enhance knowledge around a critical topic like risk management, it builds trust," he said. The workshops were free and well attended, each drawing 8 to 12 senior stakeholders from across industries. Salehi described Seiersen as "a celebrity in cybersecurity risk". "People want help communicating cyber risk in a business context," he said. "That's still missing in the market." Salehi says one of the most impactful developments for Qualys in this space is the company's Enterprise TruRisk Platform, which underpins its Risk Operations Centre (mROC) offering. It unifies cybersecurity, operational and financial risk insights into a single pane of glass. "It enables business context," he said. "Not all vulnerabilities matter equally - it depends on their impact. This helps customers focus on what matters first." That solution is also available via a managed version (mROC), delivered in partnership with MSSPs. "These partners become strategic advisors to customers," he said. "They help with risk advisory, onboarding, integration and continuous monitoring." "Reflecting on the past 13 months, Salehi said his focus was on bringing everyone together - being a small team, fostering a culture of support and collaboration was key". "It took time to bring everyone together and build a culture of support," he said. "We're a small team, and some functions like HR and legal are offshore, so collaboration is key." Despite being part of a publicly listed company, Salehi said Qualys has a family-like culture. Much of that comes from CEO Sumedh Thakar, who's been with the business for over two decades. "He's so approachable and empowering," he said. "It inspired me to lead the same way in ANZ." For Salehi, customer relationships remain a top priority. "I've had over 100 customer meetings this year," he said. "It's not about selling a product, it's about understanding the person in front of you."
Techday NZ
03-06-2025
- Techday NZ
SOCRadar boosts MSSP support with free AI training, new tools
SOCRadar has announced an expansion of its Managed Security Service Provider (MSSP) programme designed to support partners in scaling operations, automating threat workflows, and improving service delivery. As part of the enhanced programme, SOCRadar will provide free AI Agent and Automation Training to its partners. This training aims to educate MSSPs on the use of AI agents and generative AI (GenAI) technologies to streamline security operations centre (SOC), threat intelligence, and vulnerability management processes. The training is described as platform-agnostic, equipping MSSP partners with hands-on experience to build their own AI-powered workflows, irrespective of the specific tools they currently deploy. Alongside the introduction of free training, SOCRadar has implemented several enhancements to its MSSP programme, including multi-tenant licensing, threat intelligence use cases designed specifically for MSSPs, a Multi-Tenant Management Console, and configurable External Threat Assessment Reports. "Our enhanced MSSP program enables partners to scale smartly and serve clients more effectively. By combining AI Agents with our extended threat intelligence capabilities, MSSPs can double their operational efficiency—automating routine workflows, accelerating incident response, and delivering tailored intelligence without adding headcount. We believe AI Agents and GenAI will be foundational to the future of MSSPs, and we're committed to helping our partners lead that transformation," Huzeyfe Onal, Chief Executive Officer of SOCRadar, said. According to SOCRadar, its AI agents are intelligent automation components embedded within the company's Extended Threat Intelligence (XTI) platform. These agents utilise Large Language Models (LLMs) and automation scripts with the ability to execute complex, multi-stage cybersecurity workflows. Unlike traditional scripts or static rules, SOCRadar's AI agents can analyse contextual information, make decisions based on data, and take actions across multiple IT systems. This approach is intended to reduce the manual workload for analysts, while increasing both the speed and accuracy of threat detection and response. MSSPs can create what SOCRadar refers to as "smart workflows" by establishing specific goals and operational boundaries for each AI agent. The agents then apply planning, reasoning, and learning methods to support tasks such as identifying threats, enriching data, correlating alerts, or prioritising vulnerabilities for remediation. The company listed several key benefits of its framework for MSSPs, including the automation of threat intelligence, SOC, and vulnerability management tasks; reduction in analyst workload while accelerating detection and response times; improvement in decision accuracy with a reduction in false positives; enablement of continuous monitoring across multiple clients without increasing staffing; and the potential to increase both scalability and profitability whilst preserving service quality. SOCRadar reports that it serves over 800 customers in 70 countries. Its Extended Threat Intelligence Platform makes use of artificial intelligence and machine learning for threat detection and to deliver actionable intelligence against cyber threats. The suite of offerings includes Cyber Threat Intelligence, External Attack Surface Management, Brand Protection, Dark Web Monitoring, and Supply Chain Threat Intelligence.
Techday NZ
15-05-2025
- Techday NZ
Morphisec launches KICKSTART Channel Program to boost cyber defence
Morphisec has announced the launch of its KICKSTART Channel Program aimed at empowering channel partners with resources to strengthen ransomware prevention and exposure management capabilities. The initiative introduces a partnership framework for Managed Security Services Providers (MSSPs), Value-Added Resellers (VARs), Distributors, Systems Integrators, Referral Partners, and Technology Partners. Morphisec has structured the KICKSTART Channel Program to provide world-class support, incentives, and direct access to its Anti-Ransomware Assurance Suite. A central component of the programme is Morphisec's Ransomware-Free Guarantee, now available to channel partners. This guarantee offers customers a refund if a ransomware breach occurs after purchasing the Anti-Ransomware Assurance Suite, which is intended to enhance transparency and boost confidence among both partners and their customers. Ron Reinfeld, Chief Executive Officer of Morphisec, commented, "In today's threat environment, security service providers and their customers can no longer afford to rely solely on detection and response — prevention must be a core pillar. With the expansion of our Channel Program, we are deepening our commitment to continued innovation and also making industry-leading protection accessible to the organizations that need it most. We're proud to equip our partners with proven solutions that stop ransomware in its tracks and redefine the future of cybersecurity." The programme's expansion coincides with the appointment of two channel sales leaders: Avery Kraft has been named Director of Global MSSP Sales, following roles at Rapid7, Dimension Data, and Cisco; William Stevens assumes the role of Director of Global VAR Sales, having previously worked at Deepwatch, Cybersixgill, and XM Cyber. Avery Kraft said, "Our MSSP partners are seeking ways to stay ahead of an increasingly sophisticated threat landscape while maximising operational efficiency. Morphisec's prevention-first technology and Ransomware Protection as a Service (RPaaS) empowers MSSPs to offer customers truly differentiated protection that goes beyond traditional endpoint defences — and I couldn't be more excited to help our partners as we pivot to a 100% channel-first company." William Stevens added, "With the cybersecurity channel more competitive than ever, partners need solutions that are both disruptive and operationally simple. Morphisec delivers exactly that: proven prevention, a low-complexity deployment model and high-margin opportunities. Joining Morphisec allows me to help partners thrive while reshaping endpoint protection for their customers." The KICKSTART Channel Program outlines specific benefits for different types of partners. For MSSPs and Managed Service Providers (MSPs), the programme offers high margins, low competition, scalable endpoint protection (including defences powered by Automated Moving Target Defense (AMTD)), flexible billing, and comprehensive onboarding support. For VARs, Morphisec provides access to guaranteed margins, co-marketing funds, local market development opportunities, and a partner portal with sales enablement, certification tracks, and marketing resources. Distributors are offered flexible billing terms to optimise cash flow, commitment-based incentives, and technical and go-to-market support. Morphisec's focus on prevention-first security comes as the industry faces growing demands for proactive threat mitigation, with increasing sophistication of artificial intelligence-driven attacks and a rise in fileless and zero-day threats. The company stated that traditional detection and response solutions are often struggling to keep pace with these more advanced attacks. "Innovation without accessibility is meaningless," said Ron Reinfeld. "Through the Channel Program, Morphisec is not only continuing to lead with innovation but making sure the benefits of our groundbreaking protection reach the cybersecurity community at large, and the security service partners organizations depend on." Morphisec referenced its work with Omega Systems, a managed security services provider that has integrated Morphisec's AMTD technology into its endpoint security stack. Ben Tercha, Chief Operating Officer of Omega Systems, stated, "Sophisticated threats like fileless and in-memory attacks are increasingly evading traditional EDR defences. By incorporating Morphisec's Automated Moving Target Defense technology into our endpoint security stack, we're able to neutralise these threats at the source. This proactive, prevention-first model gives our customers a critical advantage — securing their environments against attacks that legacy solutions often miss." The partner ecosystem for Morphisec now includes organisations such as SHI, Consortium, and GuidePoint Security. The company sees the expansion of its Channel Program as a step towards strengthening cyber defences for a broad range of customers facing today's ransomware and cyberattack threats.
